Potential security vulnerability for WebSphere Application Server affects WebSphere Enterprise Service Bus due to the Java HashTable implementation (CVE-2012-0193)
A potential security exposure is due to the Java HashTable implementation, which can result in a Denial of Service (DoS).
Diagnosing the problem
A security exposure exists in all versions of WebSphere Application Server, which have shipped with WebSphere Enterprise Service Bus. This issue can cause a large number of HashTable collisions due to specially crafted HTTP request parameters. With too many collisions, performance is significantly impaired and can lead to a denial of service.
Resolving the problem
For the most up-to-date information, review the following WebSphere Application Server document: Potential security vulnerability when using Web based applications on IBM WebSphere Application Server due to Java HashTable implementation vulnerability (PM53930)
More support for:
WebSphere Enterprise Service Bus
Software version: 6.1, 6.1.2, 6.2, 7.0, 7.5, 7.5.1
Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows, z/OS
Reference #: 1594766
Modified date: 10 May 2012
Translate this page: